Auth in ArcGIS Online – Patrick Arlt
Auth in ArcGIS Online – Patrick Arlt
6 6
dev-summit-2015-authentication-in-arcgis-online
Presentation on authentication in ArcGIS Online at the 2015 Esri Dev Summit.On Github patrickarlt / dev-summit-2015-authentication-in-arcgis-online
Auth in ArcGIS Online
Patrick Arlt
Experience Developer - ArcGIS for Developers
What is oAuth 2.0?
A standard for conveying authorization decisions.
I {username} authorize {app name} to do {whatever}OAuth 2.0 is not an authentication protocol
OAuth 2.0 !== authentication protocol
OAuth 2.0 != authentication protocol
OAuth 2.0 is used inside of authentication protocols
OAuth 2.0 doesn't know about your users identities, it only care about authorization
A Complete System
oAuth 2.0 + ArcGIS Portal/Online
User Logins vs App Authentication
User Logins
User authorizes application Application can act on users behalf Usage if any is billed to that users organizationUser User Logins When...
- You have to work with private content
- you need to create/edit content
- want usage to be billed to your apps users
Application Authentication
App exchanges credentials for token Uses token to access premium services Often implimented as a proxyUse Application Authentication When…
- You only need to work with public and premium content
- You dont want your users to sign in
Whats Changed?
- ArcGIS Portal 10.3 now supports oAuth 2.0
- 1st class oAuth 2.0 support in the JS API
- More support for OAuth in the ArcGIS Runtimes
- New ways to access premium services
- Better Authentication Docs
Demo Time!
- Browser-based with JS API
- Server-based with JS API + Hapi
- App Proxies for Premium Services
Thanks!
www.esri.com/RateMyDevSummitSession
Twitter: @patrickarlt
Slides:http://arcg.is/1BAm5cz